Check IP of your favorite domain.
nc rivit.dev 10004
If anybody face extreme problem !!! 1. use reverse engineering tool (Ghidra or binary ninja) , 2. After analyzing you will see , The program use the system call and use our input as it's argument/param without sanity check . For this , " command injection " can be applied 3. So , after nc in linux cat the flag ( ; cat flag.txt )
eazy if somebody needs help just let me know
the solution is soo dumb.. i was stuck at this challenge for 3 days.. thought of some complex stuff.. in 10 point challenge.. but no.. the answer is simple and very very dumb.. anyone wanting hints... well.. no hints do it yourself.. its very easy
btw.. nice challenge.. researched and learnt a lot.. Thankyou..
hint please
the solution is soo dumb.. i was stuck at this challenge for 3 days.. thought of some complex stuff.. in 10 point challenge.. but no.. the answer is simple and very very dumb.. anyone wanting hints... well.. no hints do it yourself.. its very easy
btw.. nice challenge.. researched and learnt a lot.. Thankyou..
6 days ago
No need of any extra tools. Just remember the type of exploits CFT crowd is using. Hint: Experiment with what are you typing in the prompt. This one is a good one for beginners.